Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: Operator
Labels:
- candidate-next

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Slack support thread: https://redhat-internal.slack.com/archives/CSPS1077U/p1752722551352459

Description of problem:

The metrics exposed by OpenShift Pipelines controllers do not require any authentication and hence pose security risk in Multitenant environments.

http://<IP_of_tekton-triggers-controller-*_POD>:9000/metrics  --> "openshift-triggers-monitor"
http://<IP_of_tekton-pipelines-controller-*_POD>:9090/metrics  --> "openshift-pipelines-monitor"
http://<IP_of_tekton-chains-controller-*_POD>:9090/metrics  --> "openshift-chains-monitor"
http://<IP_of_openshift-pipelines-operator-*_POD>:9090/metrics  --> "openshift-pipelines-operator-monitor"

Prerequisites (if any, like setup, operators/versions):

Steps to Reproduce

# <steps>

Actual results:

Expected results:

Reproducibility (Always/Intermittent/Only Once):

Acceptance criteria:

Definition of Done:

Build Details:

Additional info (Such as Logs, Screenshots, etc):

*

Assignee:: Shubham Bhardwaj

Reporter:: Jyotsana Arora

Votes:: 1 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: 2025/07/18 6:29 AM

Updated:: 2025/11/12 10:00 AM

Details

Description

Slack support thread: https://redhat-internal.slack.com/archives/CSPS1077U/p1752722551352459

Prerequisites (if any, like setup, operators/versions):

Steps to Reproduce

Actual results:

Expected results:

Reproducibility (Always/Intermittent/Only Once):

Acceptance criteria:

Build Details:

Additional info (Such as Logs, Screenshots, etc):

*

Attachments

Easy Agile Planning Poker

Activity

People

Dates